Document Change History - AUTOSAR...General Requirements on Basic Software Modules V2.0.1 1 of 73...

73
General Requirements on Basic Software Modules V2.0.1 1 of 73 AUTOSAR_SRS_General - AUTOSAR confidential - Document Title General Requirements on Basic Software Modules Document Owner AUTOSAR GbR Document Responsibility AUTOSAR GbR Document Version 2.0.1 Document Status Final Document Change History Date Version Changed by Change Description 26.06.2006 2.0.1 AUTOSAR Administration Layout Adaptations 23.05.2006 2.0.0 AUTOSAR Administration Second release 23.06.2005 1.0.0 AUTOSAR Administration Initial release

Transcript of Document Change History - AUTOSAR...General Requirements on Basic Software Modules V2.0.1 1 of 73...

  • General Requirements on Basic Software Modules V2.0.1

    1 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Document Title General Requirements on Basic Software Modules

    Document Owner AUTOSAR GbR Document Responsibility AUTOSAR GbR Document Version 2.0.1 Document Status Final

    Document Change History Date Version Changed by Change Description 26.06.2006 2.0.1 AUTOSAR

    AdministrationLayout Adaptations

    23.05.2006 2.0.0 AUTOSAR Administration

    Second release

    23.06.2005 1.0.0 AUTOSAR Administration

    Initial release

  • General Requirements on Basic Software Modules V2.0.1

    2 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Disclaimer This specification as released by the AUTOSAR Development Partnership is intended for the purpose of information only. The use of material contained in this specification requires membership within the AUTOSAR Development Partnership or an agreement with the AUTOSAR Development Partnership. The AUTOSAR Development Partnership will not be liable for any use of this Specification. Following the completion of the development of the AUTOSAR Specifications commercial exploitation licenses will be made available to end users by way of written License Agreement only. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher. The word AUTOSAR and the AUTOSAR logo are registered trademarks. Copyright © 2004-2006 AUTOSAR Development Partnership. All rights reserved. Advice to users of AUTOSAR Specification Documents: AUTOSAR Specification Documents may contain exemplary items (exemplary reference models, "use cases", and/or references to exemplary technical solutions, devices, processes or software). Any such exemplary items are contained in the Specification Documents for illustration purposes only, and they themselves are not part of the AUTOSAR Standard. Neither their presence in such Specification Documents, nor any later AUTOSAR compliance certification of products actually implementing such exemplary items, imply that intellectual property rights covering such exemplary items are licensed under the same rules as applicable to the AUTOSAR Standard.

  • General Requirements on Basic Software Modules V2.0.1

    3 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Table of Contents 1 Scope of this document ....................................................................................... 7

    2 How to read this document.................................................................................. 8 2.1 Conventions used......................................................................................... 8 2.2 Requirements structure ................................................................................ 9

    3 Acronym and abbrevations................................................................................ 10

    4 General Requirements on Basic Software......................................................... 11 4.1 Functional Requirements ........................................................................... 11

    4.1.1 Configuration....................................................................................... 11 4.1.1.1 [BSW00344] Reference to link-time configuration........................ 11 4.1.1.2 [BSW00404] Reference to post build time configuration.............. 12 4.1.1.3 [BSW00405] Reference to multiple configuration sets ................. 12 4.1.1.4 [BSW00345] Pre-compile-time configuration ............................... 13 4.1.1.5 [BSW159] Tool-based configuration ............................................ 13 4.1.1.6 [BSW167] Static configuration checking ...................................... 14 4.1.1.7 [BSW171] Configurability of optional functionality........................ 14 4.1.1.8 [BSW170] Data for reconfiguration of AUTOSAR SW-Components ..................................................................................................... 15 4.1.1.9 [BSW00380] Separate C-Files for configuration parameters ....... 15 4.1.1.10 [BSW00419] Separate C-Files for pre-compile time configuration

    parameters................................................................................... 15 4.1.1.11 [BSW00381] Separate configuration header file for pre-compile

    time parameters ........................................................................... 16 4.1.1.12 [BSW00412] Separate H-File for configuration parameters ......... 16 4.1.1.13 [BSW00383] List dependencies of configuration files .................. 17 4.1.1.14 [BSW00384] List dependencies to other modules ....................... 17 4.1.1.15 [BSW00387] Specify the configuration class of callback function 17 4.1.1.16 [BSW00388] Introduce containers ............................................... 18 4.1.1.17 [BSW00389] Containers shall have names.................................. 18 4.1.1.18 [BSW00390] Parameter content shall be unique within the module. ..................................................................................................... 18 4.1.1.19 [BSW00391] Parameter shall have unique names....................... 19 4.1.1.20 [BSW00392] Parameters shall have a type.................................. 19 4.1.1.21 [BSW00393] Parameters shall have a range ............................... 19 4.1.1.22 [BSW00394] Specify the scope of the parameters....................... 20 4.1.1.23 [BSW00395] List the required parameters (per parameter) ......... 20 4.1.1.24 [BSW00396] Configuration classes.............................................. 21 4.1.1.25 [BSW00397] Pre-compile-time parameters.................................. 21 4.1.1.26 [BSW00398] Link-time parameters .............................................. 21 4.1.1.27 [BSW00399] Loadable Post-build time parameters ..................... 22 4.1.1.28 [BSW00400] Selectable Post-build time parameters ................... 22 4.1.1.29 [BSW00402] Published information ............................................. 22

    4.1.2 Wake-Up ............................................................................................. 23 4.1.2.1 [BSW00375] Notification of wake-up reason................................ 23

  • General Requirements on Basic Software Modules V2.0.1

    4 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.3 Initialization ......................................................................................... 24 4.1.3.1 [BSW101] Initialization interface .................................................. 24 4.1.3.2 [BSW00416] Sequence of Initialization ........................................ 24 4.1.3.3 [BSW00406] Check module initialization...................................... 24

    4.1.4 Normal Operation................................................................................ 25 4.1.4.1 [BSW168] Diagnostic Interface of SW components ..................... 25 4.1.4.2 [BSW00407] Function to read out published parameters............. 25 4.1.4.3 [BSW00423] Usage of SW-C template to describe BSW modules

    with AUTOSAR Interfaces............................................................ 26 4.1.4.4 [BSW00424] BSW main processing function task allocation........ 26 4.1.4.5 [BSW00425] Trigger conditions for schedulable objects.............. 27 4.1.4.6 [BSW00426] Exclusive areas in BSW modules ........................... 27 4.1.4.7 [BSW00427] ISR description for BSW modules........................... 28 4.1.4.8 [BSW00428] Execution order dependencies of main processing

    functions....................................................................................... 28 4.1.4.9 [BSW00429] Restricted BSW OS functionality access ................ 29 4.1.4.10 [BSW00431] The BSW Scheduler module implements task bodies ..................................................................................................... 30 4.1.4.11 [BSW00432] Modules should have separate main processing

    functions for read/receive and write/transmit data path................ 30 4.1.4.12 [BSW00433] Calling of main processing functions....................... 31 4.1.4.13 [BSW00434] The Schedule Module shall provide an API for

    exclusive areas ............................................................................ 31 4.1.5 Shutdown Operation ........................................................................... 32

    4.1.5.1 [BSW00336] Shutdown interface ................................................. 32 4.1.6 Fault Operation and Error Detection ................................................... 32

    4.1.6.1 [BSW00337] Classification of errors ............................................ 32 4.1.6.2 [BSW00338] Detection and Reporting of development errors...... 33 4.1.6.3 [BSW00369] Do not return development error codes via API ...... 33 4.1.6.4 [BSW00339] Reporting of production relevant error status.......... 34 4.1.6.5 [BSW00417] Reporting of Error Events by Non-Basic Software .. 34 4.1.6.6 [BSW00323] API parameter checking.......................................... 35 4.1.6.7 [BSW004] Version check ............................................................. 35 4.1.6.8 [BSW00409] Header files for production code error IDs .............. 36 4.1.6.9 [BSW00385] List possible error notifications................................ 37 4.1.6.10 [BSW00386] Configuration for detecting an error ........................ 37

    4.2 Non-functional Requirements..................................................................... 38 4.2.1 Software Architecture Requirements................................................... 38

    4.2.1.1 [BSW161] Microcontroller abstraction.......................................... 38 4.2.1.2 [BSW162] ECU layout abstraction ............................................... 38 4.2.1.3 [BSW005] No hard coded horizontal interfaces within MCAL ...... 38 4.2.1.4 [BSW00415] User dependent include files................................... 39

    4.2.2 Software Integration Requirements..................................................... 39 4.2.2.1 [BSW164] Implementation of interrupt service routines ............... 39 4.2.2.2 [BSW00325] Runtime of interrupt service routines ...................... 40 4.2.2.3 [BSW00326] Transition from ISRs to OS tasks............................ 40 4.2.2.4 [BSW00342] Usage of source code and object code................... 40 4.2.2.5 [BSW00343] Specification and configuration of time ................... 41 4.2.2.6 [BSW160] Human-readable configuration data............................ 41

    4.2.3 Software Module Design Requirements.............................................. 42

  • General Requirements on Basic Software Modules V2.0.1

    5 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.2.3.1 Software quality ........................................................................... 42 4.2.3.1.1 [BSW007] HIS MISRA C........................................................... 42

    4.2.3.2 Naming conventions .................................................................... 42 4.2.3.2.1 [BSW00300] Module naming convention .................................. 42 4.2.3.2.2 [BSW00413] Accessing instances of BSW modules................. 43 4.2.3.2.3 [BSW00347] Naming separation of different instances of BSW

    drivers ....................................................................................... 43 4.2.3.2.4 [BSW00305] Self-defined data types naming convention ......... 44 4.2.3.2.5 [BSW00307] Global variables naming convention .................... 44 4.2.3.2.6 [BSW00310] API naming convention........................................ 45 4.2.3.2.7 [BSW00373] Main processing function naming convention ...... 45 4.2.3.2.8 [BSW00327] Error values naming convention .......................... 46 4.2.3.2.9 [BSW00335] Status values naming convention ........................ 46 4.2.3.2.10 [BSW00350] Development error detection keyword ............... 47 4.2.3.2.11 [BSW00408] Configuration parameter naming convention ..... 48 4.2.3.2.12 [BSW00410] Compiler switches shall have defined values..... 48 4.2.3.2.13 [BSW00411] Get version info keyword ................................... 49

    4.2.3.3 Module file structure..................................................................... 50 4.2.3.3.1 [BSW00346] Basic set of module files ...................................... 50 4.2.3.3.2 [BSW158] Separation of configuration from implementation..... 50 4.2.3.3.3 [BSW00314] Separation of interrupt frames and service routines .................................................................................................. 51 4.2.3.3.4 [BSW00370] Separation of callback interface from API............ 51

    4.2.3.4 Standard header files ................................................................... 52 4.2.3.4.1 [BSW00348] Standard type header .......................................... 52 4.2.3.4.2 [BSW00353] Platform specific type header............................... 52 4.2.3.4.3 [BSW00361] Compiler specific language extension header ..... 53

    4.2.3.5 Module Design ............................................................................. 55 4.2.3.5.1 [BSW00301] Limit imported information.................................... 55 4.2.3.5.2 [BSW00302] Limit exported information.................................... 55 4.2.3.5.3 [BSW00328] Avoid duplication of code..................................... 55 4.2.3.5.4 [BSW00312] Shared code shall be reentrant............................ 56 4.2.3.5.5 [BSW006] Platform independency ............................................ 56

    4.2.3.6 Types and keywords .................................................................... 57 4.2.3.6.1 [BSW00357] Standard API return type ..................................... 57 4.2.3.6.2 [BSW00377] Module specific API return types ......................... 57 4.2.3.6.3 [BSW00304] AUTOSAR integer data types .............................. 58 4.2.3.6.4 [BSW00355] Do not redefine AUTOSAR integer data types..... 59 4.2.3.6.5 [BSW00378] AUTOSAR boolean type...................................... 60 4.2.3.6.6 [BSW00306] Avoid direct use of compiler and platform specific

    keywords................................................................................... 61 4.2.3.7 Global data................................................................................... 61

    4.2.3.7.1 [BSW00308] Definition of global data ....................................... 61 4.2.3.7.2 [BSW00309] Global data with read-only constraint................... 61

    4.2.3.8 Interface and API ......................................................................... 62 4.2.3.8.1 [BSW00371] Do not pass function pointers via API .................. 62 4.2.3.8.2 [BSW00358] Return type of init() functions ......................... 62 4.2.3.8.3 [BSW00414] Parameter of init function..................................... 63 4.2.3.8.4 [BSW00376] Return type and parameters of main processing

    functions ................................................................................... 63

  • General Requirements on Basic Software Modules V2.0.1

    6 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.2.3.8.5 [BSW00359] Return type of callback functions ......................... 64 4.2.3.8.6 [BSW00360] Parameters of callback functions ......................... 64 4.2.3.8.7 [BSW00329] Avoidance of generic interfaces........................... 64 4.2.3.8.8 [BSW00330] Usage of macros / inline functions instead of

    functions ................................................................................... 65 4.2.3.8.9 [BSW00331] Separation of error and status values .................. 65

    4.2.4 Software Documentation Requirements.............................................. 66 4.2.4.1 [BSW009] Module User Documentation....................................... 66 4.2.4.2 [BSW00401] Documentation of multiple instances of configuration

    parameters................................................................................... 66 4.2.4.3 [BSW172] Compatibility and documentation of scheduling strategy ..................................................................................................... 67 4.2.4.4 [BSW010] Memory resource documentation................................ 67 4.2.4.5 [BSW00333] Documentation of callback function context ............ 68 4.2.4.6 [BSW00374] Module vendor identification ................................... 68 4.2.4.7 [BSW00379] Module identification ............................................... 69 4.2.4.8 [BSW003] Version identification................................................... 69 4.2.4.9 [BSW00318] Format of module version numbers ........................ 69 4.2.4.10 [BSW00321] Enumeration of module version numbers ............... 70 4.2.4.11 [BSW00341] Microcontroller compatibility documentation ........... 71 4.2.4.12 [BSW00334] Provision of XML file ............................................... 71

    5 References ........................................................................................................ 73 5.1 Deliverables of AUTOSAR ......................................................................... 73 5.2 Related standards and norms .................................................................... 73

    5.2.1 OSEK .................................................................................................. 73 5.2.2 HIS ...................................................................................................... 73

  • General Requirements on Basic Software Modules V2.0.1

    7 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    1 Scope of this document The goal of AUTOSAR WP1.1.2 and this document is to define a common set of basic requirements that apply to all SW modules of the AUTOSAR Basic Software. These requirements shall be adopted and refined by the work packages responsible for the specification of Basic SW modules (WP4.2.2.1.x). The functional requirements defined in this document shall be referenced in each Software Specification (SWS) document of the AUTOSAR Basic Software. Constraints First scope for specification of requirements on Basic Software Modules are systems which are not safety relevant. For this reason safety requirements are assigned to medium priority.

  • General Requirements on Basic Software Modules V2.0.1

    8 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    2 How to read this document Each requirement has its unique identifier starting with the prefix “BSW” (for “Basic Software”). For any review annotations, remarks or questions, please refer to this unique ID rather than chapter or page numbers! 2.1 Conventions used In requirements, the following specific semantics shall be used (based on the Internet Engineering Task Force IETF). The key words "MUST", "MUST NOT", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are to be interpreted as:

    • SHALL: This word means that the definition is an absolute requirement of the

    specification. • SHALL NOT: This phrase means that the definition is an absolute prohibition

    of the specification. • MUST: This word means that the definition is an absolute requirement of the

    specification due to legal issues. • MUST NOT: This phrase means that the definition is an absolute prohibition of

    the specification due to legal constraints. • SHOULD: This word, or the adjective "RECOMMENDED", mean that there

    may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course.

    • SHOULD NOT: This phrase, or the phrase "NOT RECOMMENDED" mean that there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label.

    • MAY: This word, or the adjective „OPTIONAL“, means that an item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because the vendor feels that it enhances the product while another vendor may omit the same item. An implementation, which does not include a particular option, MUST be prepared to interoperate with another implementation, which does include the option, though perhaps with reduced functionality. In the same vein an implementation, which does include a particular option, MUST be prepared to interoperate with another implementation, which does not include the option (except, of course, for the feature the option provides.)

  • General Requirements on Basic Software Modules V2.0.1

    9 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    2.2 Requirements structure Each module specific chapter contains a short functional description of the Basic Software Module. Requirements of the same kind within each chapter are grouped under the following headlines (where applicable): Functional Requirements: - Configuration (which elements of the module need to be configurable) - Initialization - Normal Operation - Shutdown Operation - Fault Operation - … Non-Functional Requirements: - Timing Requirements - Resource Usage - Usability - Output for other WPs (e.g. Description Templates, Tooling,...) - ... Mapping to AUTOSAR releases For each requirement defined in the document “General Requirements on Basic Software Modules”, there shall be a reference to the AUTOSAR release(s) for which the requirement is valid. This is achieved by the row “AUTOSAR release” in the requirement description table. This Requirements Specification contains general requirements that are valid for all SW modules that are part of the AUTOSAR Basic Software. The obligatory part of the requirements is stated in the description of each requirement.

  • General Requirements on Basic Software Modules V2.0.1

    10 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    3 Acronym and abbrevations Acronym: Description: Interrupt frame An interrupt frame is the code which is generated by the compiler or the assembler

    code for prefix and postfix of interrupt routines. This code is Microcontroller specific

  • General Requirements on Basic Software Modules V2.0.1

    11 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4 General Requirements on Basic Software The requirements on Basic Software cover the following domains: • Body • Powertrain • Chassis • Safety (assumption: covered, because hardware and system infrastructure are

    similar to the domains above) The ECU application experience is taken from the following concrete applications:

    • Sunroof and power window ECU • Diesel engine ECU • ESP ECU • BMW, DC and VW standard software packages (‘Standard Core’, ‘Standard

    Software Platform‘, ‘Standard Software Core’) including OSEK OS, communication modules, bootloader, basic diagnostic functions for the domains listed above

    • Infotainment control ECU 4.1 Functional Requirements 4.1.1 Configuration 4.1.1.1 [BSW00344] Reference to link-time configuration Initiator: BMW Date: 23.07.2004 AUTOSAR Release: 1.0 and higher Short Description: Reference to link time configuration Type: New Importance: High Description: All modules of the AUTOSAR Basic Software that operate on link-time

    configurable data at runtime shall use a read only reference (pointer) to an external configuration instance.

    Rationale: Allow configurable functionality of modules that are deployed as object code.Usually those modules are drivers.

    Use Case: Example: typedef struct { void (*NotifyJobOk)(void); uint8 NormalReadBlockSize; uint8 FastReadBlockSize; } Eep_ConfigType; const Eep_ConfigType Eep_Config = /* instantiate */ { NULL, 8, 64 /* and initialize */ };

  • General Requirements on Basic Software Modules V2.0.1

    12 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Example for usage: Eep_Init(&Eep_Config);

    Dependencies: [BSW00342] Usage of source code and object code [ECUC0048] Link-time configuration (see [ECU_CONF_SRS])

    Conflicts: -- Supporting Material: --

    4.1.1.2 [BSW00404] Reference to post build time configuration Initiator: BMW Date: 23.07.2004 AUTOSAR Release: 1.0 and higher Short Description: Reference to post build time configuration Type: New Importance: High Description: Modules of the AUTOSAR Basic Software that operate on one post build

    time configurable data entity shall use a read only reference (pointer) to an external configuration instance. (violation of this requirement must be reasoned)

    Rationale: As long as there is only one set of configuration data (i.e. we have no multiple configuration sets) the references can be resolved as constant pointers. The indirections shall be kept as simple as possible

    Use Case: -- Dependencies: [BSW00342] Usage of source code and object code

    [ECUC0048] Link-time configuration (see [ECU_CONF_SRS]) Conflicts: -- Supporting Material: --

    4.1.1.3 [BSW00405] Reference to multiple configuration sets Initiator: BMW / CAS Date: 27.10.2005 AUTOSAR Release: 2.0 and higher Short Description: Reference to multiple configuration sets Type: Changed (Telcon) Importance: High Description: Modules of the AUTOSAR Basic Software that operate on more than one

    post build time configurable data entity shall use a reference (pointer) to an external configuration instance. This reference is initialized at start-up of the module. It can only be changed at initialization-time. It must not be changed afterwards.

    Rationale: Application of the same software to different cars. Use Case: -- Dependencies: [BSW00342] Usage of source code and object code

    [ECUC0048] Link-time configuration (see [ECU_CONF_SRS]) Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    13 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.1.4 [BSW00345] Pre-compile-time configuration Initiator: BMW Date: 23.07.2004 AUTOSAR Release: 1.0 and higher Short Description: Pre-compile-time configuration Type: Changed to add “*.c” file Importance: High Description: All modules of the AUTOSAR Basic Software, operating on Pre-compile-time

    configuration data (not to be modified after compile time), shall group and export the configuration data to configuration files. Module specific configuration header file naming convention: _Cfg.h and possibly _Cfg.c

    Rationale: Static configuration is decoupled from implementation. Separation of configuration dependent data at compile time furthermore enhances flexibility, readability and reduces version management as no source code is affected.

    Use Case: In Tp_Cfg.h: #define TP_USE_NORMAL_ADDRESSING kTpOff #define TP_USE_NORMAL_FIXED_ADDRESSING kTpOff #define TP_USE_EXTENDED_ADDRESSING kTpOn ... in Tp.c: … #include "Tp_Cfg.h" … #if (TP_USE_NORMAL_ADDRESSING == kTpOn) … do something #endif

    Dependencies: [BSW158] Separation of configuration from implementation [ECUC0047] Pre-compile-time configuration (see [ECU_CONF_SRS])

    Conflicts: -- Supporting Material: --

    4.1.1.5 [BSW159] Tool-based configuration Initiator: BMW Date: 10.02.2004 AUTOSAR Release: 1.0 and higher Short Description: Tool-based configuration. Type: New Importance: High Description: All modules of the AUTOSAR Basic Software shall support a tool based

    configuration. Rationale: Integration into AUTOSAR methodology Use Case: The NVRAM manager can be automatically configured depending on the NV

    parameters and their corresponding attributes of the software components. Dependencies: -- Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    14 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.1.6 [BSW167] Static configuration checking Initiator: BMW Date: 24.11.2005 AUTOSAR Release: 1.0 and higher Short Description: Static configuration checking Type: Changed Importance: High Description: All AUTOSAR Basic Software Modules shall provide configuration rules and

    constraints to enable plausibility checks of configuration during ECU configuration time where possible.

    Rationale: Runtime efficiency: Checks can be made by a configuration tool or the preprocessor instead during runtime. Safety: Detect wrong or missing configurations as early as possible

    Use Case: -- Dependencies: Requirements for configuration toolchain.

    [BSW00334] Provision of XML file Conflicts: -- Supporting Material: --

    4.1.1.7 [BSW171] Configurability of optional functionality Initiator: BOSCH Date: 29.02.2004 AUTOSAR Release: 1.0 and higher Short Description: Configure optional functionality in a way to minimize resource consumption Type: Changed (18.03.2005) Importance: High Description: Optional functionality of a Basic-SW component that is not required in the

    ECU shall be configurable at pre-compile-time (on/off). Rationale: Optional functionalities of Basic SW components which are disabled by static

    configuration shall not consume resources (RAM, ROM, runtime). Implementation example: in C language, preprocessing directives can be used. Ensure optimal resource consumption. There are many requirements marked with high importance but not all are used in each ECU thus resource overhead must be avoided.

    Use Case: 1. The development error detection is a statically configurable optional function that can be enabled and disabled.

    2. The EEPROM write cycle reduction is a statically configurable optional function that can be enabled and disabled.

    Dependencies: -- Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    15 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.1.8 [BSW170] Data for reconfiguration of AUTOSAR SW-Components Initiator: BOSCH Date: 24.11.2005 AUTOSAR Release: 1.0 and higher Short Description: The AUTOSAR SW Components shall provide information about their

    dependency from faults, signal qualities, driver demands, ... Type: Changed Importance: High Description: AUTOSAR SW-Components may depend on the system fault state or

    configuration demand of OEM or driver. These reconfiguration dependencies must be provided during ECU configuration time. This information must be used for cross checks and functional evaluation at ECU configuration time and for correct shut down/activation behavior at runtime.

    Rationale: Resolve the interdependencies between AUTOSAR SW-Components. Use Case: A fault of the steering angle sensor will lead to reduced function of the

    related AUTOSAR SW-Components. Example: - faults (CAN bus off, sensor defective, calibration data checksum error) - signal quality (lambda sensor not yet in operating temperature range) - driver demands (disable ESP) - ...

    Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.9 [BSW00380] Separate C-Files for configuration parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Separate C-Files for configuration parameters Type: New Importance: High Description: Configuration parameters being stored in memory shall be placed into

    separate c-files (effected parameters are those from link-time configuration as well as those from post-build time configuration).

    Rationale: Enable the use of different object files. Use Case: -- Dependencies: [BSW00381] Separate configuration header file for pre-compile time

    parameters [BSW00346] Basic set of module files

    Conflicts: -- Supporting Material: Layered Software Architecture ([DOC_LAYERED_ARCH])

    4.1.1.10 [BSW00419] Separate C-Files for pre-compile time configuration

    parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher

  • General Requirements on Basic Software Modules V2.0.1

    16 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Short Description: Separate C-Files for pre-compile time configuration parameters Type: New Importance: Medium Description: If a pre-compile time configuration parameter is implemented as “const“ it

    should be placed into a separate c-file. Rationale: Enabling of object code integration.

    Separation of configuration from implementation. Use Case: -- Dependencies: [BSW00380] Separate C-Files for configuration parameters Conflicts: -- Supporting Material: Layered Software Architecture ([DOC_LAYERED_ARCH])

    4.1.1.11 [BSW00381] Separate configuration header file for pre-compile

    time parameters Initiator: WP1.1.2 Date: 21.10.2005 AUTOSAR Release: 2.0 and higher Short Description: Separate configuration header file for pre-compile time parameters Type: Changed (Telcon) Importance: High Description: The pre-compile time parameters shall be placed into a separate

    configuration header file. Rationale: Keep the configuration data separate. Use Case: -- Dependencies: [BSW00345] Pre-compile-time configuration Conflicts: -- Supporting Material: --

    4.1.1.12 [BSW00412] Separate H-File for configuration parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Separate H-File for configuration parameters Type: New Importance: High Description: References to c-configuration parameters (link time and post-build time)

    shall be placed into a separate h-file. The h-file shall be the same as pre-compile time parameters.

    Rationale: Put the references in the file yxz_cfg.h to enable access to the configuration data.

    Use Case: -- Dependencies: [BSW00381] Separate configuration header file for pre-compile time

    parameters, [BSW00345] Pre-compile-time configuration

    Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    17 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.1.13 [BSW00383] List dependencies of configuration files Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: List dependencies of configuration files Type: Changed Importance: High Description: The Basic Software Module specifications shall specify which other

    configuration files from other modules they use at least in the description. Rationale: Resolve compatibility issues Use Case: -- Dependencies: [BSW00384] List dependencies to other modules Conflicts: -- Supporting Material: --

    4.1.1.14 [BSW00384] List dependencies to other modules Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: List dependencies to other modules Type: Changed Importance: High Description: The Basic Software Module specifications shall specify at least in the

    description which other modules (in which versions) they require. Rationale: Resolve compatibility issues Use Case: -- Dependencies: [BSW00383] List dependencies of configuration files Conflicts: -- Supporting Material: --

    4.1.1.15 [BSW00387] Specify the configuration class of callback function Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: Specify the configuration class of callback function Type: Changed Importance: High Description: The Basic Software Module specifications shall specify how the callback

    function is to be implemented. (Pre-compile macro, pointer at link time, array of pointers at post-build time and pointer at post-build time)

    Rationale: -- Use Case: If a pre-compile time callback function (macro) shall be changed to a post

    build time multiple configuration-set callback function (pointer to a function). The implementation will change significantly.

    Dependencies: -- Conflicts: -- Supporting Material: See Glossary ([GLOSSARY]) and ECU Configuration (WP4.1.1.2)

    ([ECU_CONF_SRS])

  • General Requirements on Basic Software Modules V2.0.1

    18 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.1.16 [BSW00388] Introduce containers Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Introduce containers Type: New Importance: High Description: Containers are used to group configuration parameters that are defined for

    the same object. Containers are to be defined whenever 1. Several configuration parameters logically belong together. 2. Configuration must be repeated with different parameter values for

    several entities of same type (e.g. the NVRAM manager has some parameters that are defined once for the whole module, which are collected in one container, and a set of parameters that are defined once per memory block, which are collected in another container. This second container is included in the first container and will be instantiated once for each memory block)

    3. Containers may contain parameters of different configuration classes. This will not map to the software implementation!

    Rationale: Cluster the configuration parameters in order to ease the readability of code.Use Case: Header configuration file with sections for each container Dependencies: [BSW00389] Containers shall have names Conflicts: -- Supporting Material: See Glossary and ECU Configuration (WP4.1.1.2)

    4.1.1.17 [BSW00389] Containers shall have names Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Containers shall have names Type: New Importance: High Description: Containers shall have names – these names will map to section headers in

    the configuration header-files or configuration c-files containing the parameters

    Rationale: Enable referencing to the .XML document. Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: See Glossary ([GLOSSARY]) and ECU Configuration (WP4.1.1.2)

    ([ECU_CONF_SRS]) 4.1.1.18 [BSW00390] Parameter content shall be unique within the module Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Parameter content shall be unique within the module Type: New Importance: High Description: The same intention, logical contents or semantic shall be placed in one

  • General Requirements on Basic Software Modules V2.0.1

    19 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    parameter only (There must not be several parameters with the same intention, logical contents or semantic )

    Rationale: Avoid multitude identical definitions. Ease the maintenance Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.19 [BSW00391] Parameter shall have unique names Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Parameter shall have unique names Type: New Importance: High Description: A parameters name must be unique per module. If the parameter is exported

    it must be unique to all modules using this parameter Rationale: Avoid mismatch in scope of parameter. Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.20 [BSW00392] Parameters shall have a type Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: Parameters shall have a type Type: Changed Importance: High Description: Each Parameter shall have a type. Types shall be based on primitive or,

    complex types defined within AUTOSAR specifications. I.e. they may be combined to structures, arrays etc. Parameters based on a “define” statement shall be put down in a way that the type can be checked by tool.

    Rationale: -- Use Case: E.g. the type is used to generate the configuration data for post-build time

    configuration. Example:

    • Type: #define MyExample ((uint8) 0815) • Type: uint16

    Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.21 [BSW00393] Parameters shall have a range Initiator: WP1.1.2 Date: 08.12.2005

  • General Requirements on Basic Software Modules V2.0.1

    20 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    AUTOSAR Release: 2.0 and higher Short Description: Parameters shall have a range Type: Changed Importance: High Description: Each parameter shall have a list of valid values or the minimum as well as

    maximum values shall be specified. Rationale: -- Use Case: E.g. the range is used to enable the consistency check by a tool.

    Example: • Range ON, OFF • Range 1..15

    Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.22 [BSW00394] Specify the scope of the parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Specify the scope of the parameters Type: New Importance: High Description: A parameter may only be applicable for the module it is defined in. In this

    case, the parameter is marked as “local”. Alternatively, the parameter may be shared with other modules (i.e. exported). In that case, the scope shall list the names of the other modules sharing this parameter. Each parameter shall only be defined once in one module. All other modules sharing the parameter must not define the parameter again. Instead, the parameter is to be imported. This is applicable for c-code as well as for .XML configuration.

    Rationale: -- Use Case: Importing and exporting could be achieved in different ways: external

    reference, redefinition in the other module. Dependencies: -- Conflicts: -- Supporting Material: [BSW00391] Parameter shall have unique names

    4.1.1.23 [BSW00395] List the required parameters (per parameter) Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: List the required parameters (per parameter) Type: Changed Importance: High Description: The Basic Software Module specifications must list configuration parameters

    of this or other modules this parameter relies on. A dependency is for example: the value of another parameter influences or invalidates the setting of this parameter.

    Rationale: -- Use Case: Specified parameter “Bit timing register” requires other parameters e.g.,

    “input clock frequency” which is defined in another module. Dependencies: --

  • General Requirements on Basic Software Modules V2.0.1

    21 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Conflicts: -- Supporting Material: --

    4.1.1.24 [BSW00396] Configuration classes Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: Configuration classes Type: Changed Importance: High Description: There are three main configuration classes. The Basic Software Module

    specifications must specify the classes to be supported (per parameter). The classes are: - pre- compile time configuration - link time configuration - post build time configuration (could be either loadable or multiple)

    Rationale: Enable optimizing towards different goals of configuration. Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.25 [BSW00397] Pre-compile-time parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Pre-compile-time parameters Type: New Importance: High Description: The configuration parameters in pre-compile time are fixed before

    compilation starts. The configuration of the SW element is done at source code level.

    Rationale: Ease generation of efficient code. Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: [BSW00345] Pre-compile-time configuration

    4.1.1.26 [BSW00398] Link-time parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Link-time parameters Type: New Importance: High Description: The link-time configuration is achieved on object code basis in the stage

    after compiling and before linking (locating). Rationale: Concept of configuration to support modules delivered as object code.

  • General Requirements on Basic Software Modules V2.0.1

    22 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: [BSW00344] Reference to link-time configuration

    4.1.1.27 [BSW00399] Loadable Post-build time parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Loadable Post-build time parameters Type: New Importance: High Description: Parameter-sets are located in a separate segment and can be loaded after

    the code. (see definition of post-build time configuration in the AUTOSAR glossary). This means as well the memory layout of ext. conf. parameters must be known. This set of parameters may be optimized in a way (configuration is always located at the same address) that the pointer indirection is avoided.

    Rationale: -- Use Case: Loadable CAN configuration or communication matrix. Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.28 [BSW00400] Selectable Post-build time parameters Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Selectable Post-build time parameters Type: New Importance: High Description: Parameter will be selected from multiple sets of parameters after code has

    been loaded and started. During module startup (initialization) one of several configurations is selected. Only the power up initialization is allowed to select the parameter (parameter–set). This configuration is typically a data structure that contains the relevant parameter values (see definition of post-build time configuration in the AUTOSAR glossary).

    Rationale: -- Use Case: Reuse of ECUs. Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.1.29 [BSW00402] Published information Initiator: WP1.1.2 Date: 30.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Published information

  • General Requirements on Basic Software Modules V2.0.1

    23 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Type: New Importance: High Description: This published information shall be included in each module:

    VENDOR_ID, MODULE_ID, AR_MAJOR_VERSION, AR_MINOR_VERSION, AR_PATCH_VERSION, SW_MAJOR_VERSION, SW_MINOR_VERSION, SW_PATCH_VERSION.

    Rationale: The published information contains data defined by the implementer of the SW module that doesn’t change when the module is adapted (i.e. configured) to the actual HW/SW environment it is used in. It thus contains version and manufacturer information to ease the integration of different BSW modules.

    Use Case: -- Dependencies: [BSW004] Version check

    [BSW00407] Function to read out published parameters [BSW00318] Format of module version numbers

    Conflicts: -- Supporting Material: --

    4.1.2 Wake-Up 4.1.2.1 [BSW00375] Notification of wake-up reason Initiator: WP4.2.2.1.12 Date: 24.11.2005 AUTOSAR Release: 1.0 and higher Short Description: Notification of wake-up reason Type: New Importance: High Description: All Basic Software Modules that implement wake-up interrupts shall report

    the wake-up reason to the ECU State Manager via the IO Hardware Abstraction within the wake-up interrupt. Within this notification the ECU State Manager shall store the passed wake-up ID for later evaluation.

    Rationale: Allow ECU State Manager to decide which start-up sequence is chosen based on the wake-up reason.

    Use Case: A body ECU can wake-up from 3 different wake-up sources. Depending on the wake-up reason, the ECU

    • blinks the door lock indication LEDs • performs a full start-up • evaluates the received key ID and decides to start-up and unlock or

    goto sleep again Dependencies: -- Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    24 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.3 Initialization 4.1.3.1 [BSW101] Initialization interface Initiator: DC Date: 27.10.2005 AUTOSAR Release: 1.0 and higher Short Description: Initialization interface. Type: Changed (split up into two parts, shutdown interface moved to [BSW00336]) Importance: High Description: If a Basic Software Module needs to initialize variables and hardware

    resources, this should be done in a separate initialization function. This function shall be named _Init().

    Rationale: Interface to ECU state manager Use Case: -- Dependencies: [BSW00358] Return type of init() functions

    [BSW00414] Parameter of init function Exception: [BSW00406] Check module initialization

    Conflicts: -- Supporting Material: --

    4.1.3.2 [BSW00416] Sequence of Initialization Initiator: Error Handling Date: 08.02.2006 AUTOSAR Release: 2.0 and higher Short Description: Sequence of Initialization Type: New Importance: High Description: The sequence of modules to be initialized shall be configurable.

    An exception to this is the initialization of the Com stack, which should be standardized. (standardized initialization of the Com Manager)

    Rationale: To enable the handling of dependencies of Basic SW-modules with the respect to environment, implementation and proprietary functionality the startup sequence needs to be adaptable.

    Use Case: Startup of the DET dependent on the proprietary functionality it fulfills. Dependencies: - Conflicts: - Supporting Material: -

    4.1.3.3 [BSW00406] Check module initialization Initiator: DC Date: 20.06.2005 AUTOSAR Release: 2.0 and higher Short Description: Check module initialization Type: new Importance: high Description: A static status variable denoting if a BSW module is initialized shall be

    initialized with value 0 before any APIs of the BSW module is called. The initialization function of the BSW modules shall set the static status variable to a value not equal to 0.

  • General Requirements on Basic Software Modules V2.0.1

    25 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Rationale: In API calls to not initialized BSW modules should report value like “Module not initialized” to Development Error Tracer (DET) if switched on. Without the initialization of the status variable within C-initialization the module is unable to check the status.

    Use Case: The call “Can_Write()” to the Can driver causes a call Det_ReportError (ModuleId, ApiId, ErrorId); in case the Can driver is not initialized. In this case the return value of the “Can_Write()” function will be “E_NOT_OK”.

    Dependencies: Exception from [BSW101] [BSW00338] Detection and Reporting of development errors [BSW00369] Do not return development error codes via API

    Conflicts: -- Supporting Material: --

    4.1.4 Normal Operation 4.1.4.1 [BSW168] Diagnostic Interface of SW components Initiator: BOSCH Date: 06.05.2004 AUTOSAR Release: 1.0 and higher Short Description: Diagnostic interface of SW components for external test Type: Changed after review in DC Importance: Medium Description: If a SW component above or below RTE has the requirement to be tested by

    external devices e.g. in the garage, the required function shall be accessed via a common API from diagnostics services in Basic-SW (function, data interface).

    Rationale: Ensure less difference in handling and kind of API Use Case: Tester in the garage requires calibration of a certain SW-component e.g.

    steering angle sensor monitoring in the ESP. The interface must remain to be ready for moving this SW-component. This interface can also be used by XCP.

    Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.4.2 [BSW00407] Function to read out published parameters Initiator: DC Date: 15.09.2005 AUTOSAR Release: 2.0 and higher Short Description: Function to read out published parameters Type: Changed, to harmonize with SWS Template Importance: High Description: Each BSW module shall provide a function to read out the version

    information of a dedicated module implementation. Naming convention which shall be applied: void _GetVersionInfo(Std_VersionInfoType *versioninfo); This API shall be pre-compile time configurable (see BSW00411).

  • General Requirements on Basic Software Modules V2.0.1

    26 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    The version number consists of three parts: • Two bytes for the vendor ID • One byte for the module ID • Three bytes version number. The numbering shall be vendor

    specific; it consists of: The major, the minor and the patch version number of the module.

    • The AUTOSAR specification version number shall not be included. Rationale: If problems are detected within an ECU during lifetime this enables the

    garage to check the version of the modules. The AUTOSAR specification version number is checked during compile time (see requirement BSW004) and therefore not required in this API.

    Use Case: With this API the garage can read out version information which is implemented in a dedicated (erroneous) ECU to enable the decision whether a software update might be sufficient, or not.

    Dependencies: [BSW00318] Format of module version numbers [BSW00374] Module vendor identification [BSW00411] Get version info keyword

    Conflicts: -- Supporting Material: --

    4.1.4.3 [BSW00423] Usage of SW-C template to describe BSW modules with

    AUTOSAR Interfaces Initiator: WP1.1.2 Date: 10.11.2005 AUTOSAR Release: 2.0 and higher Short Description: Usage of SW-C template to describe BSW modules with AUTOSAR

    Interfaces Type: New Importance: High Description: BSW modules with AUTOSAR interfaces shall be describable with the

    means of the SW-C Template. The BSW description template shall therefore inherit the concepts of the SW-C Template for those BSW modules.

    Rationale: AUTOSAR Services are located in the BSW, but have to interact with AUTOSAR SW-Cs (above the RTE) via ports. Therefore the RTE generator shall be able to read the input and shall be able to generate proper RTE.

    Use Case: (1) SW-Cs use the service(s) related to the NvM_Read C-API of the NvM (2) SW-Cs use services of the EcuM in order to request or release the run mode

    Dependencies: Scheduling objects “Runnable Entity” and “MainFunctions” are implemented by different entities, i.e. RTE or (BSW) Schedule Module. Passing interrupts between BSW modules via the RTE is still to be checked

    Conflicts: -- Supporting Material: --

    4.1.4.4 [BSW00424] BSW main processing function task allocation Initiator: WP1.1.2 Date: 09.11.2005 AUTOSAR Release: 2.0 and higher

    Short Description: BSW main processing function task allocation Type: New Importance: High

  • General Requirements on Basic Software Modules V2.0.1

    27 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Description: BSW module main processing functions are only allowed to be allocated to basic tasks (see extended and basic task according to AUTOSAR OS classification).

    Rationale: Typically, basic tasks are more efficient then extended tasks. Enables scheduleability analysis and predictability.

    Use Case: Enabling scheduleability analysis of the ECU. Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.4.5 [BSW00425] Trigger conditions for schedulable objects Initiator: WP1.1.2 Date: 17.10.2005 AUTOSAR Release: 2.0 and higher Short Description: Trigger conditions for schedulable objects Type: New Importance: High Description: The BSW module description template shall provide means to model the

    following trigger conditions of schedulable objects: • Cyclic timings (fixed and selectable during runtime) • Sporadic events

    Rationale: The model of the timing behavior of a BSW module can serve for the purpose of (1) documentation (2) integration supports the design of the schedule module.

    Use Case: - Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.4.6 [BSW00426] Exclusive areas in BSW modules Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: Exclusive areas in BSW modules Type: Changed Importance: High Description: Exclusive areas shall be defined and documented in the BSW module

    description template. The exclusive areas shall be defined with a name and the accessing main functions, API services, callback functions and ISR functions. Exclusive areas shall only protect module internal data.

    Rationale: To allow priority determination for preventing simultaneous access to shared resources.

    Use Case: Stop interrupt handler from corrupting a data buffer in COM due to simultaneous access via the RTE.

    Dependencies: [BSW00434] The Schedule Module shall provide an API for exclusive areas Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    28 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.4.7 [BSW00427] ISR description for BSW modules Initiator: WP1.1.2 Date: 09.11.2005 AUTOSAR Release: 2.0 and higher Short Description: ISR description for BSW modules Type: New Importance: High Description: ISR functions shall be defined and documented in the BSW module

    description template. The ISR functions shall be defined with a name and the category according to the AUTOSAR OS.

    Rationale: Determination of locking scheme for a particular exclusive area. Use Case: Stop interrupt handler from corrupting a data buffer in COM due to

    simultaneous access via the RTE. Dependencies: -- Conflicts: -- 4.1.4.8 [BSW00428] Execution order dependencies of main processing

    functions Initiator: WP1.1.2 Date: 09.11.2005 AUTOSAR Release: 2.0 and higher Short Description: Execution order dependencies of main processing functions Type: New Importance: High Description: A BSW module shall state if its main processing function(s) has to be

    executed in a specific order or sequence with respect to other BSW main processing function(s).

    Rationale: Improved integration of BSW modules. Use Case: Improved efficiency in the COM stack by ensuring receive and transmit call

    sequence. Dependencies: -- Conflicts: --

  • General Requirements on Basic Software Modules V2.0.1

    29 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.4.9 [BSW00429] Restricted BSW OS functionality access Initiator: WP1.1.2 Date: 13.07.2005 AUTOSAR Release: 2.0 and higher Short Description: Restricted BSW OS functionality access Type: New Importance: High Description: BSW modules are only allowed to use OS objects and/or related OS

    services according to the following table:

    Objects / Service BSW Scheduler Module EcuM MCAL Drivers Other BSW modules OS Objects OS object “Task” OS object “ISR” OS object “Alarm” OS object “Counters” OS object “Scheduletables” OS object “Resource” OS object “Message” OS Services ActivateTask TerminateTask ChainTask Schedule GetTaskID GetTaskState DisableAllInterrupts EnableAllInterrupts SuspendAllInterrupts ResumeAllInterrupts SuspendOSInterrupts ResumeOSInterrupts GetResource ReleaseResource SetEvent ClearEvent GetEvent WaitEvent GetAlarmBase GetAlarm SetRelAlarm SetAbsAlarm CancelAlarm GetActiveApplicationMode StartOS ShutdownOS GetApplicationID StartScheduleTable StopScheduleTable NextScheduleTable SyncScheduleTable GetScheduleTableStatus SetScheduleTableAsync IncrementCounter TerminateApplication

  • General Requirements on Basic Software Modules V2.0.1

    30 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Rationale: Simplification of the OS integration of BSW modules. Use Case: Integration of different BSW modules in one ECU. Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.4.10 [BSW00431] The BSW Scheduler module implements task bodies Initiator: WP1.1.2 Date: 13.07.2005 AUTOSAR Release: 2.0 and higher Short Description: The BSW Scheduler module implements task bodies Type: New Importance: High Description: The BSW scheduler module shall be the only module which implements task

    bodies in order to call main processing functions. The BSW scheduler module will only be implemented by the (ECU) system integrator.

    Rationale: (1) The single BSW modules do not know about ECU wide dependencies and scheduling implications. Only at system integration time timing dependencies and the proper scheduling strategy is known. (2) The integrator of the BSW shall have proper means to garuantee a valid schedule. Indirect and intransparent timing dependencies between BSW modules shall be prohibited. (3) Eases the integration task. (4) Allow for non-preemptive as well as for preemptive scheduling strategies.(5) Reduction of resources (e.g., minimize the number of used tasks).

    Use Case: Example: TASK(BSW_Scheduler_10ms) { ... Eep_MainFunction_1(); Nm_MainFunction_1(); ... } TASK(BSW_Scheduler_Communications) { ... CanIf_MainFunction_Receive(); Com_MainFunction_Receive(); Com_MainFunction_Transmit(); CanIf_MainFunction_Transmit(); ... }

    Dependencies: -- Conflicts: -- Supporting Material: [BSW00373], TIM00431

    4.1.4.11 [BSW00432] Modules should have separate main processing

    functions for read/receive and write/transmit data path Initiator: WP1.1.2 Date: 17.10.2005 AUTOSAR Release: 2.0 and higher

  • General Requirements on Basic Software Modules V2.0.1

    31 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Short Description: Modules should have separate main processing functions for read/receive and write/transmit data path.

    Type: New Importance: Medium Description: Modules which propagate data up (read, receive) or down (write, transmit)

    through the different layers of the BSW should have separate main processing functions for the read/receive and write/transmit data path.

    Rationale: Enables efficient scheduling of the main processing functions in a more specific order to reduce execution time and latency.

    Use Case: TASK(BSW_Scheduler_Communications) { ... CanIf_MainFunction_Receive(); Com_MainFunction_Receive(); Com_MainFunction_Transmit(); CanIf_MainFunction_Transmit(); ... }

    Dependencies: [BSW00373] Main processing function naming convention Conflicts: -- Supporting Material: --

    4.1.4.12 [BSW00433] Calling of main processing functions Initiator: WP1.1.2 Date: 13.07.2005 AUTOSAR Release: 2.0 and higher Short Description: Calling of main processing functions Type: New Importance: High Description: Main processing functions are only allowed to be called from task bodies

    provided by the BSW Scheduler. Rationale: Indirect and intransparent timing dependencies between BSW modules shall

    be prohibited. Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.4.13 [BSW00434] The Schedule Module shall provide an API for

    exclusive areas Initiator: WP1.1.2 Date: 20.10.2005 AUTOSAR Release: 2.0 and higher Short Description: The Schedule Module shall provide an API for exclusive areas Type: New Importance: High Description: The Schedule Module shall provide a (generic) API to enter or exit exclusive

    areas. The Schedule Module shall implement the proper data consistency strategy. This API shall be used by the BSW modules to implement exclusive areas.

  • General Requirements on Basic Software Modules V2.0.1

    32 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Rationale: (1) Decouple module implementation from applying data consistency mechanisms (2) Enable to choose the proper ECU-wide data consistency mechanism (by the BSW/ECU/System integrator)

    Use Case: To be added after definition of the API. Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.5 Shutdown Operation 4.1.5.1 [BSW00336] Shutdown interface Initiator: DC Date: 17.06.2004 AUTOSAR Release: 1.0 and higher Short Description: Shutdown interface. Type: New ([BSW101] split up into two parts) Importance: High Description: If a Basic SW module needs to shutdown functionality (e.g. release

    hardware resources), this shall be done in a separate API function. Rationale: Interface to ECU state manager Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.6 Fault Operation and Error Detection 4.1.6.1 [BSW00337] Classification of errors Initiator: WP1.1.2 Date: 17.06.2004 AUTOSAR Release: 1.0 and higher Short Description: Classification of errors. Type: New Importance: High Description: All AUTOSAR Basic Software Modules shall distinguish between the

    following two types of errors: • errors that can/shall only occur during development and where

    detection and/or reporting can be statically configured (on/off) • errors that are expected to occur also in production code

    Rationale: Extended error detection for debugging, basic error detection for deployment.

    Use Case: The EEPROM driver provides internal checking of API parameters which is only activated for the first software integration test (‘development build’) and disabled afterwards (‘deployment build’).

    Dependencies: [BSW00350] Development error detection keyword Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    33 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.6.2 [BSW00338] Detection and Reporting of development errors Initiator: WP1.1.2 Date: 17.09.2004 AUTOSAR Release: 1.0 and higher Short Description: Detection and Reporting of development errors Type: Changed (only one preprocessor switch) Importance: High Description: All AUTOSAR Basic Software Modules shall report detected development

    errors to the Development Error Tracer (DET). The detection and reporting shall be statically configurable (ON/OFF) per module with one single preprocessor switch.

    Rationale: Ease of debugging for development Use Case: For the first SW integration, the extended error detection and reporting is

    enabled for all modules. Detected errors like

    • EEPROM address access out of valid range • Sending on non-existent CAN channel • API service called without former module initialization

    are reported to the Development Error Tracer. The calls to the API function of the DET are counted and logged for later evaluation. After successful software integration, the reporting is disabled.

    Dependencies: [BSW00337] Classification of errors [BSW00350] Naming convention of development error detection keyword

    Conflicts: -- Supporting Material: --

    4.1.6.3 [BSW00369] Do not return development error codes via API Initiator: BMW Date: 26.10.2005 AUTOSAR Release: 1.0 and higher Short Description: Do not return development error codes via API Type: Changed Importance: High Description: All AUTOSAR Basic Software Modules shall not return specific development

    error codes via the API In case of a detected development error the error shall only be reported to the DET. If the API- function which detected the error has a return type it shall return E_NOT_OK.

    Rationale: The production version of a module shall have a limited number of return values.

    Use Case: Example 1: API service with standard return values (E_OK/E_NOT_OK): If a development error is detected within this API call, the API returns E_NOT_OK.

    Dependencies: [BSW00337] Classification of errors [BSW00327] Error values naming convention [BSW00357] Standard API return type

    Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    34 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.1.6.4 [BSW00339] Reporting of production relevant error status Initiator: WP1.1.2 Date: 17.06.2004 AUTOSAR Release: 1.0 and higher Short Description: Reporting of production relevant error status Type: Changed (10.11.2005) Importance: High Description: All AUTOSAR Basic Software Modules shall report error states that are

    relevant for diagnostics and/or application to the DEM (Diagnostic Event Manager). For reporting an error state the following BSW specific interface of DEM shall be called void Dem_ReportErrorStatus( Dem_EventIdType EventId, Dem_EventStatusType EventStatus ) If an error event occurred EventStatus shall be equal to: ‘DEM_EVENT_STATUS_FAILED’. If no error event occurred EventStatus shall be equal to: ‘DEM_EVENT_STATUS_PASSED’. State information shall be transferred to the DEM whenever state information is checked. Checks are not required to be cyclically or in a fixed frequency.

    Rationale: Central configuration and handling of error events instead of spreading the handling all over the Basic Software.

    Use Case: Error events like • NVRAM data block checksum error • EEPROM cell write failure • SPI device failure

    are reported to the DEM. Dependencies: [BSW00337] Classification of errors

    [BSW00327] Error values naming convention [BSW00386] Configuration for detecting an error

    Conflicts: -- Supporting Material: --

    4.1.6.5 [BSW00417] Reporting of Error Events by Non-Basic Software Initiator: Error Handling Date: 11.10.2005 AUTOSAR Release: 2.0 and higher Short Description: Reporting of Error Events by Non-Basic Software Type: New Importance: High Description: Software which is not part of the Basic Software (e.g. Application SW-C)

    shall report error events only after the DEM is fully operational. Rationale: It is only possible to store errors in error memory after the DEM is fully

    operational. To simplify error handling within DEM (and to gain efficiency) this requirement is needed.

    Use Case: Reporting of non plausible sensor values. Dependencies: -- Conflicts: --

  • General Requirements on Basic Software Modules V2.0.1

    35 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Supporting Material: --

    4.1.6.6 [BSW00323] API parameter checking Initiator: WP1.1.2 Date: 16.06.2004 AUTOSAR Release: 1.0 and higher Short Description: API parameter checking. Type: New Importance: High Description: All AUTOSAR Basic Software Modules shall check passed API parameters

    for validity. This checking shall be statically configurable (on/off, via the global configuration switch for development error detection, see BSW00350) for those errors that only can occur during development

    Rationale: Ease of debugging for development, efficient code for deployment. Use Case: The EEPROM driver provides internal checking of API parameters which is

    only activated for the first software integration test (‘development build’) and disabled afterwards (‘deployment build’).

    Dependencies: [BSW00338] Detection and Reporting of development errors [BSW00350] Development error detection keyword [BSW00327] Error values naming convention

    Conflicts: -- Supporting Material: --

    4.1.6.7 [BSW004] Version check Initiator: BMW Date: 08.02.2006 AUTOSAR Release: 1.0 and higher Short Description: Version check Type: Changed Importance: High Description: All Basic SW Modules shall perform a preprocessor check of the versions of

    all included files. The integration of incompatible files shall be avoided. For included header files:

    • _AR_MAJOR_VERSION • _AR_MINOR_VERSION

    shall be identical. For the module internal c and h files:

    • _SW_MAJOR_VERSION • _SW_MINOR_VERSION • _AR_MAJOR_VERSION • _AR_MINOR_VERSION • _AR_PATCH_VERSION

    shall be identical. Rationale: Compatibility enforcement, error avoidance, ease of integration Use Case: For the update of Basic Software Modules, version conflicts shall be

    detected. Example:

    • For included files from other modules, the AUTOSAR- MAJOR and MINOR Version shall be verified. I.e. Can.c includes Dem.h: Only

  • General Requirements on Basic Software Modules V2.0.1

    36 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    MAJOR and MINOR shall be verified. • For included files from the same module all the version numbers

    shall be verified. Dependencies: [BSW003] Version identification

    [BSW00318] Format of module version numbers [BSW00402] Published information

    Conflicts: -- Supporting Material: --

    4.1.6.8 [BSW00409] Header files for production code error IDs Initiator: WP1.1.2 Date: 15.09.2005 AUTOSAR Release: 2.0 and higher Short Description: Header files for production code error IDs Type: New Importance: High Description: All production-code-error-ID symbols shall be defined in the file Dem.h or

    any other DEM header file which shall be included by Dem.h. Each Basic SW Module shall include the file Dem.h to retrieve the production-code-error-ID symbols and their values.

    Rationale: The error codes shall be defined in a central file, to simplify the include structure of the DEM.

    Use Case: Example for source code integration (for Eep): Dem.h specifies the production code error ID: #define EEP_E_COM_FAILURE ((Dem_EventIDType) 14) Eep.c: #include “Dem.h” .. Dem_ReportErrorStatus( EEP_E_COM_FAILURE, DEM_FAILED ); Example for object code integration (for Eep): Dem.h specifies the production code error ID: #define EEP_E_COM_FAILURE ((Dem_EventIDType) 14) Eep_PBcfg.c, which needs to be compiled and linked with the object code delivery: #include “Dem.h” #include “Eep_cfg.h” .. const Dem_EventIDType Eep_E_Com_Failure = EEP_E_COM_FAILURE; .. Eep_cfg.h, which needs to be compiled and linked with the object code delivery: extern const Dem_EventIDType Eep_E_Com_Failure; Eep.c, which is delivered as object file: #include “Dem.h” #include “Eep_cfg.h” .. Dem_ReportErrorStatus( Eep_E_Com_Failure, DEM_FAILED );

  • General Requirements on Basic Software Modules V2.0.1

    37 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Dependencies: -- Conflicts: -- Supporting Material: --

    4.1.6.9 [BSW00385] List possible error notifications Initiator: WP1.1.2 Date: 16.11.2005 AUTOSAR Release: 2.0 and higher Short Description: List possible error notifications Type: Changed Importance: High Description: The BSW shall specify a list which production code errors and development

    errors may occur. This list must be mapped into the code (i.e. the respective function calls to the error notifications must be in the code).

    Rationale: Support the configuration of the DET, DEM, FIM. Use Case: -- Dependencies: [BSW00338] Detection and Reporting of development errors

    [BSW00339] Reporting of production relevant error status Conflicts: -- Supporting Material: --

    4.1.6.10 [BSW00386] Configuration for detecting an error Initiator: WP1.1.2 Date: 21.10.2005 AUTOSAR Release: 2.0 and higher Short Description: Configuration for detecting an error Type: Changed (Telcon) Importance: High Description: The BSW shall specify the configuration for detecting an error. This

    configuration shall describe criteria and limits how the error is detected and possibly reset. This is applicable for production code errors as well as for development errors.

    Rationale: -- Use Case: a) configuration of debounce counters (counting up/down), configuration of

    limits of these debounce counters etc., b) specify the library function which is to be used to debounce. c) specify whether the Diagnostic modules may request to delete errors. If so, specify how and when errors may be reset

    Dependencies: -- Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    38 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.2 Non-functional Requirements 4.2.1 Software Architecture Requirements 4.2.1.1 [BSW161] Microcontroller abstraction Initiator: BMW Date: 10.02.2004 AUTOSAR Release: 1.0 and higher Short Description: Microcontroller abstraction Type: New Importance: High Description: The AUTOSAR Basic Software shall provide a microcontroller abstraction

    layer which provides a standardized interface to higher software layers. Rationale: Portability and reusability.

    Encapsulate implementation details of a specific microcontroller from higher software layers.

    Use Case: Exchange microcontroller ST10 with STAR12 without affecting higher software layers interfacing with the microcontroller abstraction layer.

    Dependencies: -- Conflicts: -- Supporting Material: [DOC_LAYERED_ARCH]

    4.2.1.2 [BSW162] ECU layout abstraction Initiator: BMW Date: 10.02.2004 AUTOSAR Release: 1.0 and higher Short Description: ECU layout abstraction Type: Changed after review in VCC (06.05.2004) Importance: High Description: The AUTOSAR Basic Software shall provide a hardware abstraction layer

    which provides a stable interface to higher software layers which is independent from the ECU hardware layout.

    Rationale: Keep the impact of changes in the ECU hardware layout as small as possible. Portability and reusability of modules of higher software layers. Flexibility for changes in the ECU hardware layout.

    Use Case: • Change the hardware layout of the ECU (e.g. PortA.5 PortD.7) without affecting software layers interfacing with the hardware abstraction layer.

    • Use the NVRAM manager with an internal and/or external EEPROM. • Provide uniform access to analog signals using the on-chip ADC or an

    external ADC ASIC. Dependencies: -- Conflicts: -- Supporting Material: [DOC_LAYERED_ARCH]

    4.2.1.3 [BSW005] No hard coded horizontal interfaces within MCAL Initiator: BMW Date: 05.08.2004

  • General Requirements on Basic Software Modules V2.0.1

    39 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    AUTOSAR Release: 1.0 and higher Short Description: No hard coded horizontal interfaces within MCAL Type: Changed (because of SPAL objection) Importance: High Description: Modules of the µC Abstraction Layer (MCAL) may not have hard coded

    horizontal interfaces. Necessary interactions (e.g. GPT triggered ADC conversion) shall be implemented by using statically configurable notifications (callbacks).

    Rationale: Avoidance of strong coupling, ease of integration, better structure Use Case: -- Dependencies: -- Conflicts: -- Supporting Material: --

    4.2.1.4 [BSW00415] User dependent include files Initiator: WP1.1.2 Date: 08.11.2005 AUTOSAR Release: 2.0 and higher Short Description: User dependent include files Type: New Importance: Low Description: Interfaces which are provided exclusively for one module should be

    separated into a dedicated header file. The format of the file name shall be: _.h Comment: Common definitions for different interfaces (e.g. types) shall be defined in a common header file (e.g. .h).

    Rationale: Encapsulate an interface between modules in an include file Use Case: Example: CanIf_Pdur.h, CanIf_NM.h Dependencies: [BSW00346] Basic set of module files. Conflicts: -- Supporting Material: < Module name > shall be derived from WP1.1.2 “List of Basic Software

    Modules”, [DOC_MOD_LIST] (2…8 characters). shall be the user module from the same list.--

    4.2.2 Software Integration Requirements 4.2.2.1 [BSW164] Implementation of interrupt service routines Initiator: BMW Date: 10.02.2004 AUTOSAR Release: 1.0 and higher Short Description: Implementation of interrupt service routines Type: New Importance: High Description: Only the Operating System, complex drivers and modules of the

    microcontroller abstraction layer are allowed to implement interrupt service routines.

    Rationale: Portability and reusability. The implementation of interrupt service routines is highly microcontroller

  • General Requirements on Basic Software Modules V2.0.1

    40 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    dependent. Use Case: Exchange microcontroller ST10 with STAR12 without affecting higher

    software layers. Dependencies: -- Conflicts: -- Supporting Material: --

    4.2.2.2 [BSW00325] Runtime of interrupt service routines Initiator: CAS Date: 18.03.2005 AUTOSAR Release: 1.0 and higher Short Description: Runtime of interrupt service routines Type: Changed Importance: High Description: The runtime of interrupt service routines and functions that are running in

    interrupt context should be kept short. Where an interrupt service routine is likely to take a long time, an operating system task should be used instead.

    Rationale: Real time behavior, avoid blocking of the whole system. Use Case: An ISR calls a callback which is calling other callbacks. Dependencies: [BSW00333] Documentation of callback function context Conflicts: -- Supporting Material: --

    4.2.2.3 [BSW00326] Transition from ISRs to OS tasks Initiator: WP1.1.2 Date: 02.06.2004 AUTOSAR Release: 1.0 and higher Short Description: Transition from ISRs to OS tasks Type: New Importance: High Description: If a transition from an interrupt service routine to an operating system task is

    needed, it shall take place at the lowest level possible of the Basic Software, but at the latest in the RTE. This means: no interrupts on application level.

    Rationale: Real time behavior, avoid blocking of the whole system. Use Case: Negative example:

    An interrupt in a CAN driver calls nested functions up to the application layer. Up there, nobody knows that he is running in interrupt context.

    Dependencies: [BSW00344] Configuration at Runtime Conflicts: -- Supporting Material: --

    4.2.2.4 [BSW00342] Usage of source code and object code Initiator: WP1.1.2 Date: 24.11.2005

  • General Requirements on Basic Software Modules V2.0.1

    41 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    AUTOSAR Release: 1.0 and higher Short Description: Usage of source code and object code Type: Changed Importance: High Description: It shall be possible to create an AUTOSAR ECU out of modules provided as

    source code and modules provided as object code, even mixed. Rationale: Allow both:

    • IP protection and guaranteed test coverage : object code • High efficiency and configurability at ECU configuration time (by

    integrator) : source code

    Use Case: Some simple drivers could be provided as object code. More complex and configurable modules could be provided as source code or even generated code.

    Dependencies: [BSW00344] Configuration at Runtime Conflicts: -- Supporting Material: --

    4.2.2.5 [BSW00343] Specification and configuration of time Initiator: WP1.1.2 Date: 01.07.2004 AUTOSAR Release: 1.0 and higher Short Description: Specification and configuration of time Type: New Importance: High Description: The unit of time for specification and configuration of Basic SW modules

    shall be a physical time unit, not ticks. Rationale: The duration of a "tick" varies from system to system. Use Case: The software specification defines the unit (e.g. µs, s), for software

    configuration these units are used. Dependencies: -- Conflicts: -- Supporting Material: --

    4.2.2.6 [BSW160] Human-readable configuration data Initiator: Volvo Date: 01.03.2004 AUTOSAR Release: 1.0 and higher Short Description: Configuration files of AUTOSAR Basic SW module shall be readable for

    human beings Type: New Importance: High Description: Files holding configuration data for AUTOSAR Basic SW modules shall have

    a format that is readable and understandable by human beings. Rationale: Plausibility checking, comparison of different versions of configuration data. Use Case: XML is readable. Dependencies: -- Conflicts: -- Supporting Material: --

  • General Requirements on Basic Software Modules V2.0.1

    42 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    4.2.3 Software Module Design Requirements 4.2.3.1 Software quality 4.2.3.1.1 [BSW007] HIS MISRA C Initiator: BMW Date: 27.10.2005 AUTOSAR Release: 1.0 and higher Short Description: All Basic SW Modules written in C language shall conform to the HIS subset

    of the MISRA C Standard. Type: Changed Importance: High Description: MISRA C describes programming rules for the C programming language and

    a process to implement and follow these rules. Only in technically reasonable, exceptional cases MISRA violations are permissible. Such violations against MISRA rules shall be clearly identified and documented within comments in the C source code (including rationale why MISRA rule is violated). The comment shall be placed right above the line of code which causes the violation and have the following syntax: /* MISRA RULE XX VIOLATION: This the reason why the MISRA rule could not be followed in this special case*/

    Rationale: Portability, maintainability, error avoidance, safety Use Case: Software for safety relevant systems Dependencies: -- Conflicts: -- Supporting Material: --

    4.2.3.2 Naming conventions 4.2.3.2.1 [BSW00300] Module naming convention Initiator: BMW Date: 11.05.2004 AUTOSAR Release: 1.0 and higher Short Description: Module naming convention Type: New Importance: High Description: All AUTOSAR Basic Software Modules shall be identified by an

    unambiguous name. The module name is always part of related files. Convention for module related files:

    - _*.* - Spelling of module name: First letter of each word upper case,

    consecutive letters lower case - Module name: 2..8 letters, derived from WP1.1.2 SW Module List - Wildcard replacement according to module related file set (either

    basic and recommended) Rationale: The module name serves as an identifier and classification mechanism in

    order to group module related files. Use Case: Example: Eep.c, Eep.h, Eep_Cfg.h

  • General Requirements on Basic Software Modules V2.0.1

    43 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    Dependencies: -- Conflicts: -- Supporting Material: WP1.1.2 SW Module List (module short names)

    4.2.3.2.2 [BSW00413] Accessing instances of BSW modules Initiator: WP1.1.2 Date: 08.12.2005 AUTOSAR Release: 2.0 and higher Short Description: Accessing instances of BSW modules Type: Changed Importance: Medium Description: Instances of one type of BSW module are characterized by:

    - same vendor, - same functionality, - same hardware device. Instances should be accessed index based.

    Rationale: -- Use Case: Example:

    MyFunction(uint8 MyIdx, MyType MyParameters, ... ); Or optimised for sourcecode delivery: #define MyInstance(p, index) Function##index (p)

    Dependencies: [BSW00347] Naming separation of drivers Conflicts: -- Supporting Material: --

    4.2.3.2.3 [BSW00347] Naming separation of different instances of BSW drivers Initiator: WP1.1.2 Date: 23.11.2005 AUTOSAR Release: 1.0 and higher Short Description: Naming separation of different instances of BSW drivers Type: Changed Importance: High Description: Driver modules shall be named according to the following rules (only for

    implementation, not for the software specification): • First the module name has to be listed:

    • After that the vendor Id defined in the AUTOSAR vendor list has to be

    given

    • At last a vendor specific name follows

    • All parts shall be separated by underscores “_” • This naming extension applies to the following externally visible

    elements of the module: o File names o API names o Published parameters s

    Rationale: Avoidance of name clashes Use Case: Examples:

    • EEPROM (LD): Eep_21_LDEepDriver.c

  • General Requirements on Basic Software Modules V2.0.1

    44 of 73 AUTOSAR_SRS_General - AUTOSAR confidential -

    o API: Eep_21_LdInit() • Published parameters: EEP_21_SW_MAJOR_VERSION

    Dependencies: -- Conflicts: -- Supporting Material: WP1.1.2 SW Module List (mod